1. Packages
  2. Azure Native
  3. API Docs
  4. security
  5. AssessmentMetadataInSubscription
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi

azure-native.security.AssessmentMetadataInSubscription

Explore with Pulumi AI

azure-native logo
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi

    Security assessment metadata response Azure REST API version: 2021-06-01. Prior API version in Azure Native 1.x: 2020-01-01.

    Example Usage

    Create security assessment metadata for subscription

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var assessmentMetadataInSubscription = new AzureNative.Security.AssessmentMetadataInSubscription("assessmentMetadataInSubscription", new()
        {
            AssessmentMetadataName = "ca039e75-a276-4175-aebc-bcd41e4b14b7",
            AssessmentType = AzureNative.Security.AssessmentType.CustomerManaged,
            Categories = new[]
            {
                AzureNative.Security.Categories.Compute,
            },
            Description = "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
            DisplayName = "Install endpoint protection solution on virtual machine scale sets",
            ImplementationEffort = AzureNative.Security.ImplementationEffort.Low,
            RemediationDescription = "To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>",
            Severity = AzureNative.Security.Severity.Medium,
            Threats = new[]
            {
                AzureNative.Security.Threats.DataExfiltration,
                AzureNative.Security.Threats.DataSpillage,
                AzureNative.Security.Threats.MaliciousInsider,
            },
            UserImpact = AzureNative.Security.UserImpact.Low,
        });
    
    });
    
    package main
    
    import (
    	security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := security.NewAssessmentMetadataInSubscription(ctx, "assessmentMetadataInSubscription", &security.AssessmentMetadataInSubscriptionArgs{
    			AssessmentMetadataName: pulumi.String("ca039e75-a276-4175-aebc-bcd41e4b14b7"),
    			AssessmentType:         pulumi.String(security.AssessmentTypeCustomerManaged),
    			Categories: pulumi.StringArray{
    				pulumi.String(security.CategoriesCompute),
    			},
    			Description:            pulumi.String("Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities."),
    			DisplayName:            pulumi.String("Install endpoint protection solution on virtual machine scale sets"),
    			ImplementationEffort:   pulumi.String(security.ImplementationEffortLow),
    			RemediationDescription: pulumi.String("To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>"),
    			Severity:               pulumi.String(security.SeverityMedium),
    			Threats: pulumi.StringArray{
    				pulumi.String(security.ThreatsDataExfiltration),
    				pulumi.String(security.ThreatsDataSpillage),
    				pulumi.String(security.ThreatsMaliciousInsider),
    			},
    			UserImpact: pulumi.String(security.UserImpactLow),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.security.AssessmentMetadataInSubscription;
    import com.pulumi.azurenative.security.AssessmentMetadataInSubscriptionArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var assessmentMetadataInSubscription = new AssessmentMetadataInSubscription("assessmentMetadataInSubscription", AssessmentMetadataInSubscriptionArgs.builder()
                .assessmentMetadataName("ca039e75-a276-4175-aebc-bcd41e4b14b7")
                .assessmentType("CustomerManaged")
                .categories("Compute")
                .description("Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.")
                .displayName("Install endpoint protection solution on virtual machine scale sets")
                .implementationEffort("Low")
                .remediationDescription("To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>")
                .severity("Medium")
                .threats(            
                    "dataExfiltration",
                    "dataSpillage",
                    "maliciousInsider")
                .userImpact("Low")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    assessment_metadata_in_subscription = azure_native.security.AssessmentMetadataInSubscription("assessmentMetadataInSubscription",
        assessment_metadata_name="ca039e75-a276-4175-aebc-bcd41e4b14b7",
        assessment_type=azure_native.security.AssessmentType.CUSTOMER_MANAGED,
        categories=[azure_native.security.Categories.COMPUTE],
        description="Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
        display_name="Install endpoint protection solution on virtual machine scale sets",
        implementation_effort=azure_native.security.ImplementationEffort.LOW,
        remediation_description="To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>",
        severity=azure_native.security.Severity.MEDIUM,
        threats=[
            azure_native.security.Threats.DATA_EXFILTRATION,
            azure_native.security.Threats.DATA_SPILLAGE,
            azure_native.security.Threats.MALICIOUS_INSIDER,
        ],
        user_impact=azure_native.security.UserImpact.LOW)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const assessmentMetadataInSubscription = new azure_native.security.AssessmentMetadataInSubscription("assessmentMetadataInSubscription", {
        assessmentMetadataName: "ca039e75-a276-4175-aebc-bcd41e4b14b7",
        assessmentType: azure_native.security.AssessmentType.CustomerManaged,
        categories: [azure_native.security.Categories.Compute],
        description: "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
        displayName: "Install endpoint protection solution on virtual machine scale sets",
        implementationEffort: azure_native.security.ImplementationEffort.Low,
        remediationDescription: "To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>",
        severity: azure_native.security.Severity.Medium,
        threats: [
            azure_native.security.Threats.DataExfiltration,
            azure_native.security.Threats.DataSpillage,
            azure_native.security.Threats.MaliciousInsider,
        ],
        userImpact: azure_native.security.UserImpact.Low,
    });
    
    resources:
      assessmentMetadataInSubscription:
        type: azure-native:security:AssessmentMetadataInSubscription
        properties:
          assessmentMetadataName: ca039e75-a276-4175-aebc-bcd41e4b14b7
          assessmentType: CustomerManaged
          categories:
            - Compute
          description: Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.
          displayName: Install endpoint protection solution on virtual machine scale sets
          implementationEffort: Low
          remediationDescription: 'To install an endpoint protection solution: 1.  <a href="https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>'
          severity: Medium
          threats:
            - dataExfiltration
            - dataSpillage
            - maliciousInsider
          userImpact: Low
    

    Create AssessmentMetadataInSubscription Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new AssessmentMetadataInSubscription(name: string, args: AssessmentMetadataInSubscriptionArgs, opts?: CustomResourceOptions);
    @overload
    def AssessmentMetadataInSubscription(resource_name: str,
                                         args: AssessmentMetadataInSubscriptionArgs,
                                         opts: Optional[ResourceOptions] = None)
    
    @overload
    def AssessmentMetadataInSubscription(resource_name: str,
                                         opts: Optional[ResourceOptions] = None,
                                         display_name: Optional[str] = None,
                                         assessment_type: Optional[Union[str, AssessmentType]] = None,
                                         severity: Optional[Union[str, Severity]] = None,
                                         preview: Optional[bool] = None,
                                         description: Optional[str] = None,
                                         implementation_effort: Optional[Union[str, ImplementationEffort]] = None,
                                         partner_data: Optional[SecurityAssessmentMetadataPartnerDataArgs] = None,
                                         planned_deprecation_date: Optional[str] = None,
                                         assessment_metadata_name: Optional[str] = None,
                                         publish_dates: Optional[SecurityAssessmentMetadataPropertiesResponsePublishDatesArgs] = None,
                                         remediation_description: Optional[str] = None,
                                         categories: Optional[Sequence[Union[str, Categories]]] = None,
                                         tactics: Optional[Sequence[Union[str, Tactics]]] = None,
                                         techniques: Optional[Sequence[Union[str, Techniques]]] = None,
                                         threats: Optional[Sequence[Union[str, Threats]]] = None,
                                         user_impact: Optional[Union[str, UserImpact]] = None)
    func NewAssessmentMetadataInSubscription(ctx *Context, name string, args AssessmentMetadataInSubscriptionArgs, opts ...ResourceOption) (*AssessmentMetadataInSubscription, error)
    public AssessmentMetadataInSubscription(string name, AssessmentMetadataInSubscriptionArgs args, CustomResourceOptions? opts = null)
    public AssessmentMetadataInSubscription(String name, AssessmentMetadataInSubscriptionArgs args)
    public AssessmentMetadataInSubscription(String name, AssessmentMetadataInSubscriptionArgs args, CustomResourceOptions options)
    
    type: azure-native:security:AssessmentMetadataInSubscription
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args AssessmentMetadataInSubscriptionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AssessmentMetadataInSubscriptionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AssessmentMetadataInSubscriptionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AssessmentMetadataInSubscriptionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AssessmentMetadataInSubscriptionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var assessmentMetadataInSubscriptionResource = new AzureNative.Security.AssessmentMetadataInSubscription("assessmentMetadataInSubscriptionResource", new()
    {
        DisplayName = "string",
        AssessmentType = "string",
        Severity = "string",
        Preview = false,
        Description = "string",
        ImplementationEffort = "string",
        PartnerData = new AzureNative.Security.Inputs.SecurityAssessmentMetadataPartnerDataArgs
        {
            PartnerName = "string",
            Secret = "string",
            ProductName = "string",
        },
        PlannedDeprecationDate = "string",
        AssessmentMetadataName = "string",
        PublishDates = new AzureNative.Security.Inputs.SecurityAssessmentMetadataPropertiesResponsePublishDatesArgs
        {
            Public = "string",
            GA = "string",
        },
        RemediationDescription = "string",
        Categories = new[]
        {
            "string",
        },
        Tactics = new[]
        {
            "string",
        },
        Techniques = new[]
        {
            "string",
        },
        Threats = new[]
        {
            "string",
        },
        UserImpact = "string",
    });
    
    example, err := security.NewAssessmentMetadataInSubscription(ctx, "assessmentMetadataInSubscriptionResource", &security.AssessmentMetadataInSubscriptionArgs{
    	DisplayName:          pulumi.String("string"),
    	AssessmentType:       pulumi.String("string"),
    	Severity:             pulumi.String("string"),
    	Preview:              pulumi.Bool(false),
    	Description:          pulumi.String("string"),
    	ImplementationEffort: pulumi.String("string"),
    	PartnerData: &security.SecurityAssessmentMetadataPartnerDataArgs{
    		PartnerName: pulumi.String("string"),
    		Secret:      pulumi.String("string"),
    		ProductName: pulumi.String("string"),
    	},
    	PlannedDeprecationDate: pulumi.String("string"),
    	AssessmentMetadataName: pulumi.String("string"),
    	PublishDates: &security.SecurityAssessmentMetadataPropertiesResponsePublishDatesArgs{
    		Public: pulumi.String("string"),
    		GA:     pulumi.String("string"),
    	},
    	RemediationDescription: pulumi.String("string"),
    	Categories: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Tactics: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Techniques: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Threats: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	UserImpact: pulumi.String("string"),
    })
    
    var assessmentMetadataInSubscriptionResource = new AssessmentMetadataInSubscription("assessmentMetadataInSubscriptionResource", AssessmentMetadataInSubscriptionArgs.builder()
        .displayName("string")
        .assessmentType("string")
        .severity("string")
        .preview(false)
        .description("string")
        .implementationEffort("string")
        .partnerData(SecurityAssessmentMetadataPartnerDataArgs.builder()
            .partnerName("string")
            .secret("string")
            .productName("string")
            .build())
        .plannedDeprecationDate("string")
        .assessmentMetadataName("string")
        .publishDates(SecurityAssessmentMetadataPropertiesResponsePublishDatesArgs.builder()
            .public_("string")
            .gA("string")
            .build())
        .remediationDescription("string")
        .categories("string")
        .tactics("string")
        .techniques("string")
        .threats("string")
        .userImpact("string")
        .build());
    
    assessment_metadata_in_subscription_resource = azure_native.security.AssessmentMetadataInSubscription("assessmentMetadataInSubscriptionResource",
        display_name="string",
        assessment_type="string",
        severity="string",
        preview=False,
        description="string",
        implementation_effort="string",
        partner_data={
            "partner_name": "string",
            "secret": "string",
            "product_name": "string",
        },
        planned_deprecation_date="string",
        assessment_metadata_name="string",
        publish_dates={
            "public": "string",
            "g_a": "string",
        },
        remediation_description="string",
        categories=["string"],
        tactics=["string"],
        techniques=["string"],
        threats=["string"],
        user_impact="string")
    
    const assessmentMetadataInSubscriptionResource = new azure_native.security.AssessmentMetadataInSubscription("assessmentMetadataInSubscriptionResource", {
        displayName: "string",
        assessmentType: "string",
        severity: "string",
        preview: false,
        description: "string",
        implementationEffort: "string",
        partnerData: {
            partnerName: "string",
            secret: "string",
            productName: "string",
        },
        plannedDeprecationDate: "string",
        assessmentMetadataName: "string",
        publishDates: {
            "public": "string",
            gA: "string",
        },
        remediationDescription: "string",
        categories: ["string"],
        tactics: ["string"],
        techniques: ["string"],
        threats: ["string"],
        userImpact: "string",
    });
    
    type: azure-native:security:AssessmentMetadataInSubscription
    properties:
        assessmentMetadataName: string
        assessmentType: string
        categories:
            - string
        description: string
        displayName: string
        implementationEffort: string
        partnerData:
            partnerName: string
            productName: string
            secret: string
        plannedDeprecationDate: string
        preview: false
        publishDates:
            gA: string
            public: string
        remediationDescription: string
        severity: string
        tactics:
            - string
        techniques:
            - string
        threats:
            - string
        userImpact: string
    

    AssessmentMetadataInSubscription Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The AssessmentMetadataInSubscription resource accepts the following input properties:

    AssessmentType string | Pulumi.AzureNative.Security.AssessmentType
    BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
    DisplayName string
    User friendly display name of the assessment
    Severity string | Pulumi.AzureNative.Security.Severity
    The severity level of the assessment
    AssessmentMetadataName string
    The Assessment Key - Unique key for the assessment type
    Categories List<Union<string, Pulumi.AzureNative.Security.Categories>>
    Description string
    Human readable description of the assessment
    ImplementationEffort string | Pulumi.AzureNative.Security.ImplementationEffort
    The implementation effort required to remediate this assessment
    PartnerData Pulumi.AzureNative.Security.Inputs.SecurityAssessmentMetadataPartnerData
    Describes the partner that created the assessment
    PlannedDeprecationDate string
    Preview bool
    True if this assessment is in preview release status
    PublishDates Pulumi.AzureNative.Security.Inputs.SecurityAssessmentMetadataPropertiesResponsePublishDates
    RemediationDescription string
    Human readable description of what you should do to mitigate this security issue
    Tactics List<Union<string, Pulumi.AzureNative.Security.Tactics>>
    Techniques List<Union<string, Pulumi.AzureNative.Security.Techniques>>
    Threats List<Union<string, Pulumi.AzureNative.Security.Threats>>
    UserImpact string | Pulumi.AzureNative.Security.UserImpact
    The user impact of the assessment
    AssessmentType string | AssessmentType
    BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
    DisplayName string
    User friendly display name of the assessment
    Severity string | Severity
    The severity level of the assessment
    AssessmentMetadataName string
    The Assessment Key - Unique key for the assessment type
    Categories []string
    Description string
    Human readable description of the assessment
    ImplementationEffort string | ImplementationEffort
    The implementation effort required to remediate this assessment
    PartnerData SecurityAssessmentMetadataPartnerDataArgs
    Describes the partner that created the assessment
    PlannedDeprecationDate string
    Preview bool
    True if this assessment is in preview release status
    PublishDates SecurityAssessmentMetadataPropertiesResponsePublishDatesArgs
    RemediationDescription string
    Human readable description of what you should do to mitigate this security issue
    Tactics []string
    Techniques []string
    Threats []string
    UserImpact string | UserImpact
    The user impact of the assessment
    assessmentType String | AssessmentType
    BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
    displayName String
    User friendly display name of the assessment
    severity String | Severity
    The severity level of the assessment
    assessmentMetadataName String
    The Assessment Key - Unique key for the assessment type
    categories List<Either<String,Categories>>
    description String
    Human readable description of the assessment
    implementationEffort String | ImplementationEffort
    The implementation effort required to remediate this assessment
    partnerData SecurityAssessmentMetadataPartnerData
    Describes the partner that created the assessment
    plannedDeprecationDate String
    preview Boolean
    True if this assessment is in preview release status
    publishDates SecurityAssessmentMetadataPropertiesResponsePublishDates
    remediationDescription String
    Human readable description of what you should do to mitigate this security issue
    tactics List<Either<String,Tactics>>
    techniques List<Either<String,Techniques>>
    threats List<Either<String,Threats>>
    userImpact String | UserImpact
    The user impact of the assessment
    assessmentType string | AssessmentType
    BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
    displayName string
    User friendly display name of the assessment
    severity string | Severity
    The severity level of the assessment
    assessmentMetadataName string
    The Assessment Key - Unique key for the assessment type
    categories (string | Categories)[]
    description string
    Human readable description of the assessment
    implementationEffort string | ImplementationEffort
    The implementation effort required to remediate this assessment
    partnerData SecurityAssessmentMetadataPartnerData
    Describes the partner that created the assessment
    plannedDeprecationDate string
    preview boolean
    True if this assessment is in preview release status
    publishDates SecurityAssessmentMetadataPropertiesResponsePublishDates
    remediationDescription string
    Human readable description of what you should do to mitigate this security issue
    tactics (string | Tactics)[]
    techniques (string | Techniques)[]
    threats (string | Threats)[]
    userImpact string | UserImpact
    The user impact of the assessment
    assessment_type str | AssessmentType
    BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
    display_name str
    User friendly display name of the assessment
    severity str | Severity
    The severity level of the assessment
    assessment_metadata_name str
    The Assessment Key - Unique key for the assessment type
    categories Sequence[Union[str, Categories]]
    description str
    Human readable description of the assessment
    implementation_effort str | ImplementationEffort
    The implementation effort required to remediate this assessment
    partner_data SecurityAssessmentMetadataPartnerDataArgs
    Describes the partner that created the assessment
    planned_deprecation_date str
    preview bool
    True if this assessment is in preview release status
    publish_dates SecurityAssessmentMetadataPropertiesResponsePublishDatesArgs
    remediation_description str
    Human readable description of what you should do to mitigate this security issue
    tactics Sequence[Union[str, Tactics]]
    techniques Sequence[Union[str, Techniques]]
    threats Sequence[Union[str, Threats]]
    user_impact str | UserImpact
    The user impact of the assessment
    assessmentType String | "BuiltIn" | "CustomPolicy" | "CustomerManaged"
    BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
    displayName String
    User friendly display name of the assessment
    severity String | "Low" | "Medium" | "High"
    The severity level of the assessment
    assessmentMetadataName String
    The Assessment Key - Unique key for the assessment type
    categories List<String | "Compute" | "Networking" | "Data" | "IdentityAndAccess" | "IoT">
    description String
    Human readable description of the assessment
    implementationEffort String | "Low" | "Moderate" | "High"
    The implementation effort required to remediate this assessment
    partnerData Property Map
    Describes the partner that created the assessment
    plannedDeprecationDate String
    preview Boolean
    True if this assessment is in preview release status
    publishDates Property Map
    remediationDescription String
    Human readable description of what you should do to mitigate this security issue
    tactics List<String | "Reconnaissance" | "Resource Development" | "Initial Access" | "Execution" | "Persistence" | "Privilege Escalation" | "Defense Evasion" | "Credential Access" | "Discovery" | "Lateral Movement" | "Collection" | "Command and Control" | "Exfiltration" | "Impact">
    techniques List<String | "Abuse Elevation Control Mechanism" | "Access Token Manipulation" | "Account Discovery" | "Account Manipulation" | "Active Scanning" | "Application Layer Protocol" | "Audio Capture" | "Boot or Logon Autostart Execution" | "Boot or Logon Initialization Scripts" | "Brute Force" | "Cloud Infrastructure Discovery" | "Cloud Service Dashboard" | "Cloud Service Discovery" | "Command and Scripting Interpreter" | "Compromise Client Software Binary" | "Compromise Infrastructure" | "Container and Resource Discovery" | "Create Account" | "Create or Modify System Process" | "Credentials from Password Stores" | "Data Destruction" | "Data Encrypted for Impact" | "Data from Cloud Storage Object" | "Data from Configuration Repository" | "Data from Information Repositories" | "Data from Local System" | "Data Manipulation" | "Data Staged" | "Defacement" | "Deobfuscate/Decode Files or Information" | "Disk Wipe" | "Domain Trust Discovery" | "Drive-by Compromise" | "Dynamic Resolution" | "Endpoint Denial of Service" | "Event Triggered Execution" | "Exfiltration Over Alternative Protocol" | "Exploit Public-Facing Application" | "Exploitation for Client Execution" | "Exploitation for Credential Access" | "Exploitation for Defense Evasion" | "Exploitation for Privilege Escalation" | "Exploitation of Remote Services" | "External Remote Services" | "Fallback Channels" | "File and Directory Discovery" | "Gather Victim Network Information" | "Hide Artifacts" | "Hijack Execution Flow" | "Impair Defenses" | "Implant Container Image" | "Indicator Removal on Host" | "Indirect Command Execution" | "Ingress Tool Transfer" | "Input Capture" | "Inter-Process Communication" | "Lateral Tool Transfer" | "Man-in-the-Middle" | "Masquerading" | "Modify Authentication Process" | "Modify Registry" | "Network Denial of Service" | "Network Service Scanning" | "Network Sniffing" | "Non-Application Layer Protocol" | "Non-Standard Port" | "Obtain Capabilities" | "Obfuscated Files or Information" | "Office Application Startup" | "OS Credential Dumping" | "Permission Groups Discovery" | "Phishing" | "Pre-OS Boot" | "Process Discovery" | "Process Injection" | "Protocol Tunneling" | "Proxy" | "Query Registry" | "Remote Access Software" | "Remote Service Session Hijacking" | "Remote Services" | "Remote System Discovery" | "Resource Hijacking" | "Scheduled Task/Job" | "Screen Capture" | "Search Victim-Owned Websites" | "Server Software Component" | "Service Stop" | "Signed Binary Proxy Execution" | "Software Deployment Tools" | "SQL Stored Procedures" | "Steal or Forge Kerberos Tickets" | "Subvert Trust Controls" | "Supply Chain Compromise" | "System Information Discovery" | "Taint Shared Content" | "Traffic Signaling" | "Transfer Data to Cloud Account" | "Trusted Relationship" | "Unsecured Credentials" | "User Execution" | "Valid Accounts" | "Windows Management Instrumentation" | "File and Directory Permissions Modification">
    threats List<String | "accountBreach" | "dataExfiltration" | "dataSpillage" | "maliciousInsider" | "elevationOfPrivilege" | "threatResistance" | "missingCoverage" | "denialOfService">
    userImpact String | "Low" | "Moderate" | "High"
    The user impact of the assessment

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AssessmentMetadataInSubscription resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    Resource name
    PolicyDefinitionId string
    Azure resource ID of the policy definition that turns this assessment calculation on
    Type string
    Resource type
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    Resource name
    PolicyDefinitionId string
    Azure resource ID of the policy definition that turns this assessment calculation on
    Type string
    Resource type
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    Resource name
    policyDefinitionId String
    Azure resource ID of the policy definition that turns this assessment calculation on
    type String
    Resource type
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    Resource name
    policyDefinitionId string
    Azure resource ID of the policy definition that turns this assessment calculation on
    type string
    Resource type
    id str
    The provider-assigned unique ID for this managed resource.
    name str
    Resource name
    policy_definition_id str
    Azure resource ID of the policy definition that turns this assessment calculation on
    type str
    Resource type
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    Resource name
    policyDefinitionId String
    Azure resource ID of the policy definition that turns this assessment calculation on
    type String
    Resource type

    Supporting Types

    AssessmentType, AssessmentTypeArgs

    BuiltIn
    BuiltInMicrosoft Defender for Cloud managed assessments
    CustomPolicy
    CustomPolicyUser defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
    CustomerManaged
    CustomerManagedUser assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
    AssessmentTypeBuiltIn
    BuiltInMicrosoft Defender for Cloud managed assessments
    AssessmentTypeCustomPolicy
    CustomPolicyUser defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
    AssessmentTypeCustomerManaged
    CustomerManagedUser assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
    BuiltIn
    BuiltInMicrosoft Defender for Cloud managed assessments
    CustomPolicy
    CustomPolicyUser defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
    CustomerManaged
    CustomerManagedUser assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
    BuiltIn
    BuiltInMicrosoft Defender for Cloud managed assessments
    CustomPolicy
    CustomPolicyUser defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
    CustomerManaged
    CustomerManagedUser assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
    BUILT_IN
    BuiltInMicrosoft Defender for Cloud managed assessments
    CUSTOM_POLICY
    CustomPolicyUser defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
    CUSTOMER_MANAGED
    CustomerManagedUser assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
    "BuiltIn"
    BuiltInMicrosoft Defender for Cloud managed assessments
    "CustomPolicy"
    CustomPolicyUser defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
    "CustomerManaged"
    CustomerManagedUser assessments pushed directly by the user or other third party to Microsoft Defender for Cloud

    Categories, CategoriesArgs

    Compute
    Compute
    Networking
    Networking
    Data
    Data
    IdentityAndAccess
    IdentityAndAccess
    IoT
    IoT
    CategoriesCompute
    Compute
    CategoriesNetworking
    Networking
    CategoriesData
    Data
    CategoriesIdentityAndAccess
    IdentityAndAccess
    CategoriesIoT
    IoT
    Compute
    Compute
    Networking
    Networking
    Data
    Data
    IdentityAndAccess
    IdentityAndAccess
    IoT
    IoT
    Compute
    Compute
    Networking
    Networking
    Data
    Data
    IdentityAndAccess
    IdentityAndAccess
    IoT
    IoT
    COMPUTE
    Compute
    NETWORKING
    Networking
    DATA
    Data
    IDENTITY_AND_ACCESS
    IdentityAndAccess
    IO_T
    IoT
    "Compute"
    Compute
    "Networking"
    Networking
    "Data"
    Data
    "IdentityAndAccess"
    IdentityAndAccess
    "IoT"
    IoT

    ImplementationEffort, ImplementationEffortArgs

    Low
    Low
    Moderate
    Moderate
    High
    High
    ImplementationEffortLow
    Low
    ImplementationEffortModerate
    Moderate
    ImplementationEffortHigh
    High
    Low
    Low
    Moderate
    Moderate
    High
    High
    Low
    Low
    Moderate
    Moderate
    High
    High
    LOW
    Low
    MODERATE
    Moderate
    HIGH
    High
    "Low"
    Low
    "Moderate"
    Moderate
    "High"
    High

    SecurityAssessmentMetadataPartnerData, SecurityAssessmentMetadataPartnerDataArgs

    PartnerName string
    Name of the company of the partner
    Secret string
    Secret to authenticate the partner and verify it created the assessment - write only
    ProductName string
    Name of the product of the partner that created the assessment
    PartnerName string
    Name of the company of the partner
    Secret string
    Secret to authenticate the partner and verify it created the assessment - write only
    ProductName string
    Name of the product of the partner that created the assessment
    partnerName String
    Name of the company of the partner
    secret String
    Secret to authenticate the partner and verify it created the assessment - write only
    productName String
    Name of the product of the partner that created the assessment
    partnerName string
    Name of the company of the partner
    secret string
    Secret to authenticate the partner and verify it created the assessment - write only
    productName string
    Name of the product of the partner that created the assessment
    partner_name str
    Name of the company of the partner
    secret str
    Secret to authenticate the partner and verify it created the assessment - write only
    product_name str
    Name of the product of the partner that created the assessment
    partnerName String
    Name of the company of the partner
    secret String
    Secret to authenticate the partner and verify it created the assessment - write only
    productName String
    Name of the product of the partner that created the assessment

    SecurityAssessmentMetadataPartnerDataResponse, SecurityAssessmentMetadataPartnerDataResponseArgs

    PartnerName string
    Name of the company of the partner
    Secret string
    Secret to authenticate the partner and verify it created the assessment - write only
    ProductName string
    Name of the product of the partner that created the assessment
    PartnerName string
    Name of the company of the partner
    Secret string
    Secret to authenticate the partner and verify it created the assessment - write only
    ProductName string
    Name of the product of the partner that created the assessment
    partnerName String
    Name of the company of the partner
    secret String
    Secret to authenticate the partner and verify it created the assessment - write only
    productName String
    Name of the product of the partner that created the assessment
    partnerName string
    Name of the company of the partner
    secret string
    Secret to authenticate the partner and verify it created the assessment - write only
    productName string
    Name of the product of the partner that created the assessment
    partner_name str
    Name of the company of the partner
    secret str
    Secret to authenticate the partner and verify it created the assessment - write only
    product_name str
    Name of the product of the partner that created the assessment
    partnerName String
    Name of the company of the partner
    secret String
    Secret to authenticate the partner and verify it created the assessment - write only
    productName String
    Name of the product of the partner that created the assessment

    SecurityAssessmentMetadataPropertiesResponsePublishDates, SecurityAssessmentMetadataPropertiesResponsePublishDatesArgs

    Public string
    GA string
    Public string
    GA string
    public_ String
    gA String
    public string
    gA string
    public str
    g_a str
    public String
    gA String

    SecurityAssessmentMetadataPropertiesResponseResponsePublishDates, SecurityAssessmentMetadataPropertiesResponseResponsePublishDatesArgs

    Public string
    GA string
    Public string
    GA string
    public_ String
    gA String
    public string
    gA string
    public str
    g_a str
    public String
    gA String

    Severity, SeverityArgs

    Low
    Low
    Medium
    Medium
    High
    High
    SeverityLow
    Low
    SeverityMedium
    Medium
    SeverityHigh
    High
    Low
    Low
    Medium
    Medium
    High
    High
    Low
    Low
    Medium
    Medium
    High
    High
    LOW
    Low
    MEDIUM
    Medium
    HIGH
    High
    "Low"
    Low
    "Medium"
    Medium
    "High"
    High

    Tactics, TacticsArgs

    Reconnaissance
    Reconnaissance
    Resource_Development
    Resource Development
    Initial_Access
    Initial Access
    Execution
    Execution
    Persistence
    Persistence
    Privilege_Escalation
    Privilege Escalation
    Defense_Evasion
    Defense Evasion
    Credential_Access
    Credential Access
    Discovery
    Discovery
    Lateral_Movement
    Lateral Movement
    Collection
    Collection
    Command_and_Control
    Command and Control
    Exfiltration
    Exfiltration
    Impact
    Impact
    TacticsReconnaissance
    Reconnaissance
    Tactics_Resource_Development
    Resource Development
    Tactics_Initial_Access
    Initial Access
    TacticsExecution
    Execution
    TacticsPersistence
    Persistence
    Tactics_Privilege_Escalation
    Privilege Escalation
    Tactics_Defense_Evasion
    Defense Evasion
    Tactics_Credential_Access
    Credential Access
    TacticsDiscovery
    Discovery
    Tactics_Lateral_Movement
    Lateral Movement
    TacticsCollection
    Collection
    Tactics_Command_and_Control
    Command and Control
    TacticsExfiltration
    Exfiltration
    TacticsImpact
    Impact
    Reconnaissance
    Reconnaissance
    Resource_Development
    Resource Development
    Initial_Access
    Initial Access
    Execution
    Execution
    Persistence
    Persistence
    Privilege_Escalation
    Privilege Escalation
    Defense_Evasion
    Defense Evasion
    Credential_Access
    Credential Access
    Discovery
    Discovery
    Lateral_Movement
    Lateral Movement
    Collection
    Collection
    Command_and_Control
    Command and Control
    Exfiltration
    Exfiltration
    Impact
    Impact
    Reconnaissance
    Reconnaissance
    Resource_Development
    Resource Development
    Initial_Access
    Initial Access
    Execution
    Execution
    Persistence
    Persistence
    Privilege_Escalation
    Privilege Escalation
    Defense_Evasion
    Defense Evasion
    Credential_Access
    Credential Access
    Discovery
    Discovery
    Lateral_Movement
    Lateral Movement
    Collection
    Collection
    Command_and_Control
    Command and Control
    Exfiltration
    Exfiltration
    Impact
    Impact
    RECONNAISSANCE
    Reconnaissance
    RESOURCE_DEVELOPMENT
    Resource Development
    INITIAL_ACCESS
    Initial Access
    EXECUTION
    Execution
    PERSISTENCE
    Persistence
    PRIVILEGE_ESCALATION
    Privilege Escalation
    DEFENSE_EVASION
    Defense Evasion
    CREDENTIAL_ACCESS
    Credential Access
    DISCOVERY
    Discovery
    LATERAL_MOVEMENT
    Lateral Movement
    COLLECTION
    Collection
    COMMAND_AND_CONTROL
    Command and Control
    EXFILTRATION
    Exfiltration
    IMPACT
    Impact
    "Reconnaissance"
    Reconnaissance
    "Resource Development"
    Resource Development
    "Initial Access"
    Initial Access
    "Execution"
    Execution
    "Persistence"
    Persistence
    "Privilege Escalation"
    Privilege Escalation
    "Defense Evasion"
    Defense Evasion
    "Credential Access"
    Credential Access
    "Discovery"
    Discovery
    "Lateral Movement"
    Lateral Movement
    "Collection"
    Collection
    "Command and Control"
    Command and Control
    "Exfiltration"
    Exfiltration
    "Impact"
    Impact

    Techniques, TechniquesArgs

    Abuse_Elevation_Control_Mechanism
    Abuse Elevation Control Mechanism
    Access_Token_Manipulation
    Access Token Manipulation
    Account_Discovery
    Account Discovery
    Account_Manipulation
    Account Manipulation
    Active_Scanning
    Active Scanning
    Application_Layer_Protocol
    Application Layer Protocol
    Audio_Capture
    Audio Capture
    Boot_or_Logon_Autostart_Execution
    Boot or Logon Autostart Execution
    Boot_or_Logon_Initialization_Scripts
    Boot or Logon Initialization Scripts
    Brute_Force
    Brute Force
    Cloud_Infrastructure_Discovery
    Cloud Infrastructure Discovery
    Cloud_Service_Dashboard
    Cloud Service Dashboard
    Cloud_Service_Discovery
    Cloud Service Discovery
    Command_and_Scripting_Interpreter
    Command and Scripting Interpreter
    Compromise_Client_Software_Binary
    Compromise Client Software Binary
    Compromise_Infrastructure
    Compromise Infrastructure
    Container_and_Resource_Discovery
    Container and Resource Discovery
    Create_Account
    Create Account
    Create_or_Modify_System_Process
    Create or Modify System Process
    Credentials_from_Password_Stores
    Credentials from Password Stores
    Data_Destruction
    Data Destruction
    Data_Encrypted_for_Impact
    Data Encrypted for Impact
    Data_from_Cloud_Storage_Object
    Data from Cloud Storage Object
    Data_from_Configuration_Repository
    Data from Configuration Repository
    Data_from_Information_Repositories
    Data from Information Repositories
    Data_from_Local_System
    Data from Local System
    Data_Manipulation
    Data Manipulation
    Data_Staged
    Data Staged
    Defacement
    Defacement
    Deobfuscate_Decode_Files_or_Information
    Deobfuscate/Decode Files or Information
    Disk_Wipe
    Disk Wipe
    Domain_Trust_Discovery
    Domain Trust Discovery
    Drive_by_Compromise
    Drive-by Compromise
    Dynamic_Resolution
    Dynamic Resolution
    Endpoint_Denial_of_Service
    Endpoint Denial of Service
    Event_Triggered_Execution
    Event Triggered Execution
    Exfiltration_Over_Alternative_Protocol
    Exfiltration Over Alternative Protocol
    Exploit_Public_Facing_Application
    Exploit Public-Facing Application
    Exploitation_for_Client_Execution
    Exploitation for Client Execution
    Exploitation_for_Credential_Access
    Exploitation for Credential Access
    Exploitation_for_Defense_Evasion
    Exploitation for Defense Evasion
    Exploitation_for_Privilege_Escalation
    Exploitation for Privilege Escalation
    Exploitation_of_Remote_Services
    Exploitation of Remote Services
    External_Remote_Services
    External Remote Services
    Fallback_Channels
    Fallback Channels
    File_and_Directory_Discovery
    File and Directory Discovery
    Gather_Victim_Network_Information
    Gather Victim Network Information
    Hide_Artifacts
    Hide Artifacts
    Hijack_Execution_Flow
    Hijack Execution Flow
    Impair_Defenses
    Impair Defenses
    Implant_Container_Image
    Implant Container Image
    Indicator_Removal_on_Host
    Indicator Removal on Host
    Indirect_Command_Execution
    Indirect Command Execution
    Ingress_Tool_Transfer
    Ingress Tool Transfer
    Input_Capture
    Input Capture
    Inter_Process_Communication
    Inter-Process Communication
    Lateral_Tool_Transfer
    Lateral Tool Transfer
    Man_in_the_Middle
    Man-in-the-Middle
    Masquerading
    Masquerading
    Modify_Authentication_Process
    Modify Authentication Process
    Modify_Registry
    Modify Registry
    Network_Denial_of_Service
    Network Denial of Service
    Network_Service_Scanning
    Network Service Scanning
    Network_Sniffing
    Network Sniffing
    Non_Application_Layer_Protocol
    Non-Application Layer Protocol
    Non_Standard_Port
    Non-Standard Port
    Obtain_Capabilities
    Obtain Capabilities
    Obfuscated_Files_or_Information
    Obfuscated Files or Information
    Office_Application_Startup
    Office Application Startup
    OS_Credential_Dumping
    OS Credential Dumping
    Permission_Groups_Discovery
    Permission Groups Discovery
    Phishing
    Phishing
    Pre_OS_Boot
    Pre-OS Boot
    Process_Discovery
    Process Discovery
    Process_Injection
    Process Injection
    Protocol_Tunneling
    Protocol Tunneling
    Proxy
    Proxy
    Query_Registry
    Query Registry
    Remote_Access_Software
    Remote Access Software
    Remote_Service_Session_Hijacking
    Remote Service Session Hijacking
    Remote_Services
    Remote Services
    Remote_System_Discovery
    Remote System Discovery
    Resource_Hijacking
    Resource Hijacking
    Scheduled_Task_Job
    Scheduled Task/Job
    Screen_Capture
    Screen Capture
    Search_Victim_Owned_Websites
    Search Victim-Owned Websites
    Server_Software_Component
    Server Software Component
    Service_Stop
    Service Stop
    Signed_Binary_Proxy_Execution
    Signed Binary Proxy Execution
    Software_Deployment_Tools
    Software Deployment Tools
    SQL_Stored_Procedures
    SQL Stored Procedures
    Steal_or_Forge_Kerberos_Tickets
    Steal or Forge Kerberos Tickets
    Subvert_Trust_Controls
    Subvert Trust Controls
    Supply_Chain_Compromise
    Supply Chain Compromise
    System_Information_Discovery
    System Information Discovery
    Taint_Shared_Content
    Taint Shared Content
    Traffic_Signaling
    Traffic Signaling
    Transfer_Data_to_Cloud_Account
    Transfer Data to Cloud Account
    Trusted_Relationship
    Trusted Relationship
    Unsecured_Credentials
    Unsecured Credentials
    User_Execution
    User Execution
    Valid_Accounts
    Valid Accounts
    Windows_Management_Instrumentation
    Windows Management Instrumentation
    File_and_Directory_Permissions_Modification
    File and Directory Permissions Modification
    Techniques_Abuse_Elevation_Control_Mechanism
    Abuse Elevation Control Mechanism
    Techniques_Access_Token_Manipulation
    Access Token Manipulation
    Techniques_Account_Discovery
    Account Discovery
    Techniques_Account_Manipulation
    Account Manipulation
    Techniques_Active_Scanning
    Active Scanning
    Techniques_Application_Layer_Protocol
    Application Layer Protocol
    Techniques_Audio_Capture
    Audio Capture
    Techniques_Boot_or_Logon_Autostart_Execution
    Boot or Logon Autostart Execution
    Techniques_Boot_or_Logon_Initialization_Scripts
    Boot or Logon Initialization Scripts
    Techniques_Brute_Force
    Brute Force
    Techniques_Cloud_Infrastructure_Discovery
    Cloud Infrastructure Discovery
    Techniques_Cloud_Service_Dashboard
    Cloud Service Dashboard
    Techniques_Cloud_Service_Discovery
    Cloud Service Discovery
    Techniques_Command_and_Scripting_Interpreter
    Command and Scripting Interpreter
    Techniques_Compromise_Client_Software_Binary
    Compromise Client Software Binary
    Techniques_Compromise_Infrastructure
    Compromise Infrastructure
    Techniques_Container_and_Resource_Discovery
    Container and Resource Discovery
    Techniques_Create_Account
    Create Account
    Techniques_Create_or_Modify_System_Process
    Create or Modify System Process
    Techniques_Credentials_from_Password_Stores
    Credentials from Password Stores
    Techniques_Data_Destruction
    Data Destruction
    Techniques_Data_Encrypted_for_Impact
    Data Encrypted for Impact
    Techniques_Data_from_Cloud_Storage_Object
    Data from Cloud Storage Object
    Techniques_Data_from_Configuration_Repository
    Data from Configuration Repository
    Techniques_Data_from_Information_Repositories
    Data from Information Repositories
    Techniques_Data_from_Local_System
    Data from Local System
    Techniques_Data_Manipulation
    Data Manipulation
    Techniques_Data_Staged
    Data Staged
    TechniquesDefacement
    Defacement
    Techniques_Deobfuscate_Decode_Files_or_Information
    Deobfuscate/Decode Files or Information
    Techniques_Disk_Wipe
    Disk Wipe
    Techniques_Domain_Trust_Discovery
    Domain Trust Discovery
    Techniques_Drive_By_Compromise
    Drive-by Compromise
    Techniques_Dynamic_Resolution
    Dynamic Resolution
    Techniques_Endpoint_Denial_of_Service
    Endpoint Denial of Service
    Techniques_Event_Triggered_Execution
    Event Triggered Execution
    Techniques_Exfiltration_Over_Alternative_Protocol
    Exfiltration Over Alternative Protocol
    Techniques_Exploit_Public_Facing_Application
    Exploit Public-Facing Application
    Techniques_Exploitation_for_Client_Execution
    Exploitation for Client Execution
    Techniques_Exploitation_for_Credential_Access
    Exploitation for Credential Access
    Techniques_Exploitation_for_Defense_Evasion
    Exploitation for Defense Evasion
    Techniques_Exploitation_for_Privilege_Escalation
    Exploitation for Privilege Escalation
    Techniques_Exploitation_of_Remote_Services
    Exploitation of Remote Services
    Techniques_External_Remote_Services
    External Remote Services
    Techniques_Fallback_Channels
    Fallback Channels
    Techniques_File_and_Directory_Discovery
    File and Directory Discovery
    Techniques_Gather_Victim_Network_Information
    Gather Victim Network Information
    Techniques_Hide_Artifacts
    Hide Artifacts
    Techniques_Hijack_Execution_Flow
    Hijack Execution Flow
    Techniques_Impair_Defenses
    Impair Defenses
    Techniques_Implant_Container_Image
    Implant Container Image
    Techniques_Indicator_Removal_on_Host
    Indicator Removal on Host
    Techniques_Indirect_Command_Execution
    Indirect Command Execution
    Techniques_Ingress_Tool_Transfer
    Ingress Tool Transfer
    Techniques_Input_Capture
    Input Capture
    Techniques_Inter_Process_Communication
    Inter-Process Communication
    Techniques_Lateral_Tool_Transfer
    Lateral Tool Transfer
    Techniques_Man_In_The_Middle
    Man-in-the-Middle
    TechniquesMasquerading
    Masquerading
    Techniques_Modify_Authentication_Process
    Modify Authentication Process
    Techniques_Modify_Registry
    Modify Registry
    Techniques_Network_Denial_of_Service
    Network Denial of Service
    Techniques_Network_Service_Scanning
    Network Service Scanning
    Techniques_Network_Sniffing
    Network Sniffing
    Techniques_Non_Application_Layer_Protocol
    Non-Application Layer Protocol
    Techniques_Non_Standard_Port
    Non-Standard Port
    Techniques_Obtain_Capabilities
    Obtain Capabilities
    Techniques_Obfuscated_Files_or_Information
    Obfuscated Files or Information
    Techniques_Office_Application_Startup
    Office Application Startup
    Techniques_OS_Credential_Dumping
    OS Credential Dumping
    Techniques_Permission_Groups_Discovery
    Permission Groups Discovery
    TechniquesPhishing
    Phishing
    Techniques_Pre_OS_Boot
    Pre-OS Boot
    Techniques_Process_Discovery
    Process Discovery
    Techniques_Process_Injection
    Process Injection
    Techniques_Protocol_Tunneling
    Protocol Tunneling
    TechniquesProxy
    Proxy
    Techniques_Query_Registry
    Query Registry
    Techniques_Remote_Access_Software
    Remote Access Software
    Techniques_Remote_Service_Session_Hijacking
    Remote Service Session Hijacking
    Techniques_Remote_Services
    Remote Services
    Techniques_Remote_System_Discovery
    Remote System Discovery
    Techniques_Resource_Hijacking
    Resource Hijacking
    Techniques_Scheduled_Task_Job
    Scheduled Task/Job
    Techniques_Screen_Capture
    Screen Capture
    Techniques_Search_Victim_Owned_Websites
    Search Victim-Owned Websites
    Techniques_Server_Software_Component
    Server Software Component
    Techniques_Service_Stop
    Service Stop
    Techniques_Signed_Binary_Proxy_Execution
    Signed Binary Proxy Execution
    Techniques_Software_Deployment_Tools
    Software Deployment Tools
    Techniques_SQL_Stored_Procedures
    SQL Stored Procedures
    Techniques_Steal_or_Forge_Kerberos_Tickets
    Steal or Forge Kerberos Tickets
    Techniques_Subvert_Trust_Controls
    Subvert Trust Controls
    Techniques_Supply_Chain_Compromise
    Supply Chain Compromise
    Techniques_System_Information_Discovery
    System Information Discovery
    Techniques_Taint_Shared_Content
    Taint Shared Content
    Techniques_Traffic_Signaling
    Traffic Signaling
    Techniques_Transfer_Data_to_Cloud_Account
    Transfer Data to Cloud Account
    Techniques_Trusted_Relationship
    Trusted Relationship
    Techniques_Unsecured_Credentials
    Unsecured Credentials
    Techniques_User_Execution
    User Execution
    Techniques_Valid_Accounts
    Valid Accounts
    Techniques_Windows_Management_Instrumentation
    Windows Management Instrumentation
    Techniques_File_and_Directory_Permissions_Modification
    File and Directory Permissions Modification
    Abuse_Elevation_Control_Mechanism
    Abuse Elevation Control Mechanism
    Access_Token_Manipulation
    Access Token Manipulation
    Account_Discovery
    Account Discovery
    Account_Manipulation
    Account Manipulation
    Active_Scanning
    Active Scanning
    Application_Layer_Protocol
    Application Layer Protocol
    Audio_Capture
    Audio Capture
    Boot_or_Logon_Autostart_Execution
    Boot or Logon Autostart Execution
    Boot_or_Logon_Initialization_Scripts
    Boot or Logon Initialization Scripts
    Brute_Force
    Brute Force
    Cloud_Infrastructure_Discovery
    Cloud Infrastructure Discovery
    Cloud_Service_Dashboard
    Cloud Service Dashboard
    Cloud_Service_Discovery
    Cloud Service Discovery
    Command_and_Scripting_Interpreter
    Command and Scripting Interpreter
    Compromise_Client_Software_Binary
    Compromise Client Software Binary
    Compromise_Infrastructure
    Compromise Infrastructure
    Container_and_Resource_Discovery
    Container and Resource Discovery
    Create_Account
    Create Account
    Create_or_Modify_System_Process
    Create or Modify System Process
    Credentials_from_Password_Stores
    Credentials from Password Stores
    Data_Destruction
    Data Destruction
    Data_Encrypted_for_Impact
    Data Encrypted for Impact
    Data_from_Cloud_Storage_Object
    Data from Cloud Storage Object
    Data_from_Configuration_Repository
    Data from Configuration Repository
    Data_from_Information_Repositories
    Data from Information Repositories
    Data_from_Local_System
    Data from Local System
    Data_Manipulation
    Data Manipulation
    Data_Staged
    Data Staged
    Defacement
    Defacement
    Deobfuscate_Decode_Files_or_Information
    Deobfuscate/Decode Files or Information
    Disk_Wipe
    Disk Wipe
    Domain_Trust_Discovery
    Domain Trust Discovery
    Driveby_Compromise
    Drive-by Compromise
    Dynamic_Resolution
    Dynamic Resolution
    Endpoint_Denial_of_Service
    Endpoint Denial of Service
    Event_Triggered_Execution
    Event Triggered Execution
    Exfiltration_Over_Alternative_Protocol
    Exfiltration Over Alternative Protocol
    Exploit_PublicFacing_Application
    Exploit Public-Facing Application
    Exploitation_for_Client_Execution
    Exploitation for Client Execution
    Exploitation_for_Credential_Access
    Exploitation for Credential Access
    Exploitation_for_Defense_Evasion
    Exploitation for Defense Evasion
    Exploitation_for_Privilege_Escalation
    Exploitation for Privilege Escalation
    Exploitation_of_Remote_Services
    Exploitation of Remote Services
    External_Remote_Services
    External Remote Services
    Fallback_Channels
    Fallback Channels
    File_and_Directory_Discovery
    File and Directory Discovery
    Gather_Victim_Network_Information
    Gather Victim Network Information
    Hide_Artifacts
    Hide Artifacts
    Hijack_Execution_Flow
    Hijack Execution Flow
    Impair_Defenses
    Impair Defenses
    Implant_Container_Image
    Implant Container Image
    Indicator_Removal_on_Host
    Indicator Removal on Host
    Indirect_Command_Execution
    Indirect Command Execution
    Ingress_Tool_Transfer
    Ingress Tool Transfer
    Input_Capture
    Input Capture
    InterProcess_Communication
    Inter-Process Communication
    Lateral_Tool_Transfer
    Lateral Tool Transfer
    ManintheMiddle
    Man-in-the-Middle
    Masquerading
    Masquerading
    Modify_Authentication_Process
    Modify Authentication Process
    Modify_Registry
    Modify Registry
    Network_Denial_of_Service
    Network Denial of Service
    Network_Service_Scanning
    Network Service Scanning
    Network_Sniffing
    Network Sniffing
    NonApplication_Layer_Protocol
    Non-Application Layer Protocol
    NonStandard_Port
    Non-Standard Port
    Obtain_Capabilities
    Obtain Capabilities
    Obfuscated_Files_or_Information
    Obfuscated Files or Information
    Office_Application_Startup
    Office Application Startup
    OS_Credential_Dumping
    OS Credential Dumping
    Permission_Groups_Discovery
    Permission Groups Discovery
    Phishing
    Phishing
    PreOS_Boot
    Pre-OS Boot
    Process_Discovery
    Process Discovery
    Process_Injection
    Process Injection
    Protocol_Tunneling
    Protocol Tunneling
    Proxy
    Proxy
    Query_Registry
    Query Registry
    Remote_Access_Software
    Remote Access Software
    Remote_Service_Session_Hijacking
    Remote Service Session Hijacking
    Remote_Services
    Remote Services
    Remote_System_Discovery
    Remote System Discovery
    Resource_Hijacking
    Resource Hijacking
    Scheduled_Task_Job
    Scheduled Task/Job
    Screen_Capture
    Screen Capture
    Search_VictimOwned_Websites
    Search Victim-Owned Websites
    Server_Software_Component
    Server Software Component
    Service_Stop
    Service Stop
    Signed_Binary_Proxy_Execution
    Signed Binary Proxy Execution
    Software_Deployment_Tools
    Software Deployment Tools
    SQL_Stored_Procedures
    SQL Stored Procedures
    Steal_or_Forge_Kerberos_Tickets
    Steal or Forge Kerberos Tickets
    Subvert_Trust_Controls
    Subvert Trust Controls
    Supply_Chain_Compromise
    Supply Chain Compromise
    System_Information_Discovery
    System Information Discovery
    Taint_Shared_Content
    Taint Shared Content
    Traffic_Signaling
    Traffic Signaling
    Transfer_Data_to_Cloud_Account
    Transfer Data to Cloud Account
    Trusted_Relationship
    Trusted Relationship
    Unsecured_Credentials
    Unsecured Credentials
    User_Execution
    User Execution
    Valid_Accounts
    Valid Accounts
    Windows_Management_Instrumentation
    Windows Management Instrumentation
    File_and_Directory_Permissions_Modification
    File and Directory Permissions Modification
    Abuse_Elevation_Control_Mechanism
    Abuse Elevation Control Mechanism
    Access_Token_Manipulation
    Access Token Manipulation
    Account_Discovery
    Account Discovery
    Account_Manipulation
    Account Manipulation
    Active_Scanning
    Active Scanning
    Application_Layer_Protocol
    Application Layer Protocol
    Audio_Capture
    Audio Capture
    Boot_or_Logon_Autostart_Execution
    Boot or Logon Autostart Execution
    Boot_or_Logon_Initialization_Scripts
    Boot or Logon Initialization Scripts
    Brute_Force
    Brute Force
    Cloud_Infrastructure_Discovery
    Cloud Infrastructure Discovery
    Cloud_Service_Dashboard
    Cloud Service Dashboard
    Cloud_Service_Discovery
    Cloud Service Discovery
    Command_and_Scripting_Interpreter
    Command and Scripting Interpreter
    Compromise_Client_Software_Binary
    Compromise Client Software Binary
    Compromise_Infrastructure
    Compromise Infrastructure
    Container_and_Resource_Discovery
    Container and Resource Discovery
    Create_Account
    Create Account
    Create_or_Modify_System_Process
    Create or Modify System Process
    Credentials_from_Password_Stores
    Credentials from Password Stores
    Data_Destruction
    Data Destruction
    Data_Encrypted_for_Impact
    Data Encrypted for Impact
    Data_from_Cloud_Storage_Object
    Data from Cloud Storage Object
    Data_from_Configuration_Repository
    Data from Configuration Repository
    Data_from_Information_Repositories
    Data from Information Repositories
    Data_from_Local_System
    Data from Local System
    Data_Manipulation
    Data Manipulation
    Data_Staged
    Data Staged
    Defacement
    Defacement
    Deobfuscate_Decode_Files_or_Information
    Deobfuscate/Decode Files or Information
    Disk_Wipe
    Disk Wipe
    Domain_Trust_Discovery
    Domain Trust Discovery
    Drive_by_Compromise
    Drive-by Compromise
    Dynamic_Resolution
    Dynamic Resolution
    Endpoint_Denial_of_Service
    Endpoint Denial of Service
    Event_Triggered_Execution
    Event Triggered Execution
    Exfiltration_Over_Alternative_Protocol
    Exfiltration Over Alternative Protocol
    Exploit_Public_Facing_Application
    Exploit Public-Facing Application
    Exploitation_for_Client_Execution
    Exploitation for Client Execution
    Exploitation_for_Credential_Access
    Exploitation for Credential Access
    Exploitation_for_Defense_Evasion
    Exploitation for Defense Evasion
    Exploitation_for_Privilege_Escalation
    Exploitation for Privilege Escalation
    Exploitation_of_Remote_Services
    Exploitation of Remote Services
    External_Remote_Services
    External Remote Services
    Fallback_Channels
    Fallback Channels
    File_and_Directory_Discovery
    File and Directory Discovery
    Gather_Victim_Network_Information
    Gather Victim Network Information
    Hide_Artifacts
    Hide Artifacts
    Hijack_Execution_Flow
    Hijack Execution Flow
    Impair_Defenses
    Impair Defenses
    Implant_Container_Image
    Implant Container Image
    Indicator_Removal_on_Host
    Indicator Removal on Host
    Indirect_Command_Execution
    Indirect Command Execution
    Ingress_Tool_Transfer
    Ingress Tool Transfer
    Input_Capture
    Input Capture
    Inter_Process_Communication
    Inter-Process Communication
    Lateral_Tool_Transfer
    Lateral Tool Transfer
    Man_in_the_Middle
    Man-in-the-Middle
    Masquerading
    Masquerading
    Modify_Authentication_Process
    Modify Authentication Process
    Modify_Registry
    Modify Registry
    Network_Denial_of_Service
    Network Denial of Service
    Network_Service_Scanning
    Network Service Scanning
    Network_Sniffing
    Network Sniffing
    Non_Application_Layer_Protocol
    Non-Application Layer Protocol
    Non_Standard_Port
    Non-Standard Port
    Obtain_Capabilities
    Obtain Capabilities
    Obfuscated_Files_or_Information
    Obfuscated Files or Information
    Office_Application_Startup
    Office Application Startup
    OS_Credential_Dumping
    OS Credential Dumping
    Permission_Groups_Discovery
    Permission Groups Discovery
    Phishing
    Phishing
    Pre_OS_Boot
    Pre-OS Boot
    Process_Discovery
    Process Discovery
    Process_Injection
    Process Injection
    Protocol_Tunneling
    Protocol Tunneling
    Proxy
    Proxy
    Query_Registry
    Query Registry
    Remote_Access_Software
    Remote Access Software
    Remote_Service_Session_Hijacking
    Remote Service Session Hijacking
    Remote_Services
    Remote Services
    Remote_System_Discovery
    Remote System Discovery
    Resource_Hijacking
    Resource Hijacking
    Scheduled_Task_Job
    Scheduled Task/Job
    Screen_Capture
    Screen Capture
    Search_Victim_Owned_Websites
    Search Victim-Owned Websites
    Server_Software_Component
    Server Software Component
    Service_Stop
    Service Stop
    Signed_Binary_Proxy_Execution
    Signed Binary Proxy Execution
    Software_Deployment_Tools
    Software Deployment Tools
    SQL_Stored_Procedures
    SQL Stored Procedures
    Steal_or_Forge_Kerberos_Tickets
    Steal or Forge Kerberos Tickets
    Subvert_Trust_Controls
    Subvert Trust Controls
    Supply_Chain_Compromise
    Supply Chain Compromise
    System_Information_Discovery
    System Information Discovery
    Taint_Shared_Content
    Taint Shared Content
    Traffic_Signaling
    Traffic Signaling
    Transfer_Data_to_Cloud_Account
    Transfer Data to Cloud Account
    Trusted_Relationship
    Trusted Relationship
    Unsecured_Credentials
    Unsecured Credentials
    User_Execution
    User Execution
    Valid_Accounts
    Valid Accounts
    Windows_Management_Instrumentation
    Windows Management Instrumentation
    File_and_Directory_Permissions_Modification
    File and Directory Permissions Modification
    ABUSE_ELEVATION_CONTROL_MECHANISM
    Abuse Elevation Control Mechanism
    ACCESS_TOKEN_MANIPULATION
    Access Token Manipulation
    ACCOUNT_DISCOVERY
    Account Discovery
    ACCOUNT_MANIPULATION
    Account Manipulation
    ACTIVE_SCANNING
    Active Scanning
    APPLICATION_LAYER_PROTOCOL
    Application Layer Protocol
    AUDIO_CAPTURE
    Audio Capture
    BOOT_OR_LOGON_AUTOSTART_EXECUTION
    Boot or Logon Autostart Execution
    BOOT_OR_LOGON_INITIALIZATION_SCRIPTS
    Boot or Logon Initialization Scripts
    BRUTE_FORCE
    Brute Force
    CLOUD_INFRASTRUCTURE_DISCOVERY
    Cloud Infrastructure Discovery
    CLOUD_SERVICE_DASHBOARD
    Cloud Service Dashboard
    CLOUD_SERVICE_DISCOVERY
    Cloud Service Discovery
    COMMAND_AND_SCRIPTING_INTERPRETER
    Command and Scripting Interpreter
    COMPROMISE_CLIENT_SOFTWARE_BINARY
    Compromise Client Software Binary
    COMPROMISE_INFRASTRUCTURE
    Compromise Infrastructure
    CONTAINER_AND_RESOURCE_DISCOVERY
    Container and Resource Discovery
    CREATE_ACCOUNT
    Create Account
    CREATE_OR_MODIFY_SYSTEM_PROCESS
    Create or Modify System Process
    CREDENTIALS_FROM_PASSWORD_STORES
    Credentials from Password Stores
    DATA_DESTRUCTION
    Data Destruction
    DATA_ENCRYPTED_FOR_IMPACT
    Data Encrypted for Impact
    DATA_FROM_CLOUD_STORAGE_OBJECT
    Data from Cloud Storage Object
    DATA_FROM_CONFIGURATION_REPOSITORY
    Data from Configuration Repository
    DATA_FROM_INFORMATION_REPOSITORIES
    Data from Information Repositories
    DATA_FROM_LOCAL_SYSTEM
    Data from Local System
    DATA_MANIPULATION
    Data Manipulation
    DATA_STAGED
    Data Staged
    DEFACEMENT
    Defacement
    DEOBFUSCATE_DECODE_FILES_OR_INFORMATION
    Deobfuscate/Decode Files or Information
    DISK_WIPE
    Disk Wipe
    DOMAIN_TRUST_DISCOVERY
    Domain Trust Discovery
    DRIVE_BY_COMPROMISE
    Drive-by Compromise
    DYNAMIC_RESOLUTION
    Dynamic Resolution
    ENDPOINT_DENIAL_OF_SERVICE
    Endpoint Denial of Service
    EVENT_TRIGGERED_EXECUTION
    Event Triggered Execution
    EXFILTRATION_OVER_ALTERNATIVE_PROTOCOL
    Exfiltration Over Alternative Protocol
    EXPLOIT_PUBLIC_FACING_APPLICATION
    Exploit Public-Facing Application
    EXPLOITATION_FOR_CLIENT_EXECUTION
    Exploitation for Client Execution
    EXPLOITATION_FOR_CREDENTIAL_ACCESS
    Exploitation for Credential Access
    EXPLOITATION_FOR_DEFENSE_EVASION
    Exploitation for Defense Evasion
    EXPLOITATION_FOR_PRIVILEGE_ESCALATION
    Exploitation for Privilege Escalation
    EXPLOITATION_OF_REMOTE_SERVICES
    Exploitation of Remote Services
    EXTERNAL_REMOTE_SERVICES
    External Remote Services
    FALLBACK_CHANNELS
    Fallback Channels
    FILE_AND_DIRECTORY_DISCOVERY
    File and Directory Discovery
    GATHER_VICTIM_NETWORK_INFORMATION
    Gather Victim Network Information
    HIDE_ARTIFACTS
    Hide Artifacts
    HIJACK_EXECUTION_FLOW
    Hijack Execution Flow
    IMPAIR_DEFENSES
    Impair Defenses
    IMPLANT_CONTAINER_IMAGE
    Implant Container Image
    INDICATOR_REMOVAL_ON_HOST
    Indicator Removal on Host
    INDIRECT_COMMAND_EXECUTION
    Indirect Command Execution
    INGRESS_TOOL_TRANSFER
    Ingress Tool Transfer
    INPUT_CAPTURE
    Input Capture
    INTER_PROCESS_COMMUNICATION
    Inter-Process Communication
    LATERAL_TOOL_TRANSFER
    Lateral Tool Transfer
    MAN_IN_THE_MIDDLE
    Man-in-the-Middle
    MASQUERADING
    Masquerading
    MODIFY_AUTHENTICATION_PROCESS
    Modify Authentication Process
    MODIFY_REGISTRY
    Modify Registry
    NETWORK_DENIAL_OF_SERVICE
    Network Denial of Service
    NETWORK_SERVICE_SCANNING
    Network Service Scanning
    NETWORK_SNIFFING
    Network Sniffing
    NON_APPLICATION_LAYER_PROTOCOL
    Non-Application Layer Protocol
    NON_STANDARD_PORT
    Non-Standard Port
    OBTAIN_CAPABILITIES
    Obtain Capabilities
    OBFUSCATED_FILES_OR_INFORMATION
    Obfuscated Files or Information
    OFFICE_APPLICATION_STARTUP
    Office Application Startup
    O_S_CREDENTIAL_DUMPING
    OS Credential Dumping
    PERMISSION_GROUPS_DISCOVERY
    Permission Groups Discovery
    PHISHING
    Phishing
    PRE_O_S_BOOT
    Pre-OS Boot
    PROCESS_DISCOVERY
    Process Discovery
    PROCESS_INJECTION
    Process Injection
    PROTOCOL_TUNNELING
    Protocol Tunneling
    PROXY
    Proxy
    QUERY_REGISTRY
    Query Registry
    REMOTE_ACCESS_SOFTWARE
    Remote Access Software
    REMOTE_SERVICE_SESSION_HIJACKING
    Remote Service Session Hijacking
    REMOTE_SERVICES
    Remote Services
    REMOTE_SYSTEM_DISCOVERY
    Remote System Discovery
    RESOURCE_HIJACKING
    Resource Hijacking
    SCHEDULED_TASK_JOB
    Scheduled Task/Job
    SCREEN_CAPTURE
    Screen Capture
    SEARCH_VICTIM_OWNED_WEBSITES
    Search Victim-Owned Websites
    SERVER_SOFTWARE_COMPONENT
    Server Software Component
    SERVICE_STOP
    Service Stop
    SIGNED_BINARY_PROXY_EXECUTION
    Signed Binary Proxy Execution
    SOFTWARE_DEPLOYMENT_TOOLS
    Software Deployment Tools
    SQ_L_STORED_PROCEDURES
    SQL Stored Procedures
    STEAL_OR_FORGE_KERBEROS_TICKETS
    Steal or Forge Kerberos Tickets
    SUBVERT_TRUST_CONTROLS
    Subvert Trust Controls
    SUPPLY_CHAIN_COMPROMISE
    Supply Chain Compromise
    SYSTEM_INFORMATION_DISCOVERY
    System Information Discovery
    TAINT_SHARED_CONTENT
    Taint Shared Content
    TRAFFIC_SIGNALING
    Traffic Signaling
    TRANSFER_DATA_TO_CLOUD_ACCOUNT
    Transfer Data to Cloud Account
    TRUSTED_RELATIONSHIP
    Trusted Relationship
    UNSECURED_CREDENTIALS
    Unsecured Credentials
    USER_EXECUTION
    User Execution
    VALID_ACCOUNTS
    Valid Accounts
    WINDOWS_MANAGEMENT_INSTRUMENTATION
    Windows Management Instrumentation
    FILE_AND_DIRECTORY_PERMISSIONS_MODIFICATION
    File and Directory Permissions Modification
    "Abuse Elevation Control Mechanism"
    Abuse Elevation Control Mechanism
    "Access Token Manipulation"
    Access Token Manipulation
    "Account Discovery"
    Account Discovery
    "Account Manipulation"
    Account Manipulation
    "Active Scanning"
    Active Scanning
    "Application Layer Protocol"
    Application Layer Protocol
    "Audio Capture"
    Audio Capture
    "Boot or Logon Autostart Execution"
    Boot or Logon Autostart Execution
    "Boot or Logon Initialization Scripts"
    Boot or Logon Initialization Scripts
    "Brute Force"
    Brute Force
    "Cloud Infrastructure Discovery"
    Cloud Infrastructure Discovery
    "Cloud Service Dashboard"
    Cloud Service Dashboard
    "Cloud Service Discovery"
    Cloud Service Discovery
    "Command and Scripting Interpreter"
    Command and Scripting Interpreter
    "Compromise Client Software Binary"
    Compromise Client Software Binary
    "Compromise Infrastructure"
    Compromise Infrastructure
    "Container and Resource Discovery"
    Container and Resource Discovery
    "Create Account"
    Create Account
    "Create or Modify System Process"
    Create or Modify System Process
    "Credentials from Password Stores"
    Credentials from Password Stores
    "Data Destruction"
    Data Destruction
    "Data Encrypted for Impact"
    Data Encrypted for Impact
    "Data from Cloud Storage Object"
    Data from Cloud Storage Object
    "Data from Configuration Repository"
    Data from Configuration Repository
    "Data from Information Repositories"
    Data from Information Repositories
    "Data from Local System"
    Data from Local System
    "Data Manipulation"
    Data Manipulation
    "Data Staged"
    Data Staged
    "Defacement"
    Defacement
    "Deobfuscate/Decode Files or Information"
    Deobfuscate/Decode Files or Information
    "Disk Wipe"
    Disk Wipe
    "Domain Trust Discovery"
    Domain Trust Discovery
    "Drive-by Compromise"
    Drive-by Compromise
    "Dynamic Resolution"
    Dynamic Resolution
    "Endpoint Denial of Service"
    Endpoint Denial of Service
    "Event Triggered Execution"
    Event Triggered Execution
    "Exfiltration Over Alternative Protocol"
    Exfiltration Over Alternative Protocol
    "Exploit Public-Facing Application"
    Exploit Public-Facing Application
    "Exploitation for Client Execution"
    Exploitation for Client Execution
    "Exploitation for Credential Access"
    Exploitation for Credential Access
    "Exploitation for Defense Evasion"
    Exploitation for Defense Evasion
    "Exploitation for Privilege Escalation"
    Exploitation for Privilege Escalation
    "Exploitation of Remote Services"
    Exploitation of Remote Services
    "External Remote Services"
    External Remote Services
    "Fallback Channels"
    Fallback Channels
    "File and Directory Discovery"
    File and Directory Discovery
    "Gather Victim Network Information"
    Gather Victim Network Information
    "Hide Artifacts"
    Hide Artifacts
    "Hijack Execution Flow"
    Hijack Execution Flow
    "Impair Defenses"
    Impair Defenses
    "Implant Container Image"
    Implant Container Image
    "Indicator Removal on Host"
    Indicator Removal on Host
    "Indirect Command Execution"
    Indirect Command Execution
    "Ingress Tool Transfer"
    Ingress Tool Transfer
    "Input Capture"
    Input Capture
    "Inter-Process Communication"
    Inter-Process Communication
    "Lateral Tool Transfer"
    Lateral Tool Transfer
    "Man-in-the-Middle"
    Man-in-the-Middle
    "Masquerading"
    Masquerading
    "Modify Authentication Process"
    Modify Authentication Process
    "Modify Registry"
    Modify Registry
    "Network Denial of Service"
    Network Denial of Service
    "Network Service Scanning"
    Network Service Scanning
    "Network Sniffing"
    Network Sniffing
    "Non-Application Layer Protocol"
    Non-Application Layer Protocol
    "Non-Standard Port"
    Non-Standard Port
    "Obtain Capabilities"
    Obtain Capabilities
    "Obfuscated Files or Information"
    Obfuscated Files or Information
    "Office Application Startup"
    Office Application Startup
    "OS Credential Dumping"
    OS Credential Dumping
    "Permission Groups Discovery"
    Permission Groups Discovery
    "Phishing"
    Phishing
    "Pre-OS Boot"
    Pre-OS Boot
    "Process Discovery"
    Process Discovery
    "Process Injection"
    Process Injection
    "Protocol Tunneling"
    Protocol Tunneling
    "Proxy"
    Proxy
    "Query Registry"
    Query Registry
    "Remote Access Software"
    Remote Access Software
    "Remote Service Session Hijacking"
    Remote Service Session Hijacking
    "Remote Services"
    Remote Services
    "Remote System Discovery"
    Remote System Discovery
    "Resource Hijacking"
    Resource Hijacking
    "Scheduled Task/Job"
    Scheduled Task/Job
    "Screen Capture"
    Screen Capture
    "Search Victim-Owned Websites"
    Search Victim-Owned Websites
    "Server Software Component"
    Server Software Component
    "Service Stop"
    Service Stop
    "Signed Binary Proxy Execution"
    Signed Binary Proxy Execution
    "Software Deployment Tools"
    Software Deployment Tools
    "SQL Stored Procedures"
    SQL Stored Procedures
    "Steal or Forge Kerberos Tickets"
    Steal or Forge Kerberos Tickets
    "Subvert Trust Controls"
    Subvert Trust Controls
    "Supply Chain Compromise"
    Supply Chain Compromise
    "System Information Discovery"
    System Information Discovery
    "Taint Shared Content"
    Taint Shared Content
    "Traffic Signaling"
    Traffic Signaling
    "Transfer Data to Cloud Account"
    Transfer Data to Cloud Account
    "Trusted Relationship"
    Trusted Relationship
    "Unsecured Credentials"
    Unsecured Credentials
    "User Execution"
    User Execution
    "Valid Accounts"
    Valid Accounts
    "Windows Management Instrumentation"
    Windows Management Instrumentation
    "File and Directory Permissions Modification"
    File and Directory Permissions Modification

    Threats, ThreatsArgs

    AccountBreach
    accountBreach
    DataExfiltration
    dataExfiltration
    DataSpillage
    dataSpillage
    MaliciousInsider
    maliciousInsider
    ElevationOfPrivilege
    elevationOfPrivilege
    ThreatResistance
    threatResistance
    MissingCoverage
    missingCoverage
    DenialOfService
    denialOfService
    ThreatsAccountBreach
    accountBreach
    ThreatsDataExfiltration
    dataExfiltration
    ThreatsDataSpillage
    dataSpillage
    ThreatsMaliciousInsider
    maliciousInsider
    ThreatsElevationOfPrivilege
    elevationOfPrivilege
    ThreatsThreatResistance
    threatResistance
    ThreatsMissingCoverage
    missingCoverage
    ThreatsDenialOfService
    denialOfService
    AccountBreach
    accountBreach
    DataExfiltration
    dataExfiltration
    DataSpillage
    dataSpillage
    MaliciousInsider
    maliciousInsider
    ElevationOfPrivilege
    elevationOfPrivilege
    ThreatResistance
    threatResistance
    MissingCoverage
    missingCoverage
    DenialOfService
    denialOfService
    AccountBreach
    accountBreach
    DataExfiltration
    dataExfiltration
    DataSpillage
    dataSpillage
    MaliciousInsider
    maliciousInsider
    ElevationOfPrivilege
    elevationOfPrivilege
    ThreatResistance
    threatResistance
    MissingCoverage
    missingCoverage
    DenialOfService
    denialOfService
    ACCOUNT_BREACH
    accountBreach
    DATA_EXFILTRATION
    dataExfiltration
    DATA_SPILLAGE
    dataSpillage
    MALICIOUS_INSIDER
    maliciousInsider
    ELEVATION_OF_PRIVILEGE
    elevationOfPrivilege
    THREAT_RESISTANCE
    threatResistance
    MISSING_COVERAGE
    missingCoverage
    DENIAL_OF_SERVICE
    denialOfService
    "accountBreach"
    accountBreach
    "dataExfiltration"
    dataExfiltration
    "dataSpillage"
    dataSpillage
    "maliciousInsider"
    maliciousInsider
    "elevationOfPrivilege"
    elevationOfPrivilege
    "threatResistance"
    threatResistance
    "missingCoverage"
    missingCoverage
    "denialOfService"
    denialOfService

    UserImpact, UserImpactArgs

    Low
    Low
    Moderate
    Moderate
    High
    High
    UserImpactLow
    Low
    UserImpactModerate
    Moderate
    UserImpactHigh
    High
    Low
    Low
    Moderate
    Moderate
    High
    High
    Low
    Low
    Moderate
    Moderate
    High
    High
    LOW
    Low
    MODERATE
    Moderate
    HIGH
    High
    "Low"
    Low
    "Moderate"
    Moderate
    "High"
    High

    Import

    An existing resource can be imported using its type token, name, and identifier, e.g.

    $ pulumi import azure-native:security:AssessmentMetadataInSubscription ca039e75-a276-4175-aebc-bcd41e4b14b7 /subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName} 
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Native pulumi/pulumi-azure-native
    License
    Apache-2.0
    azure-native logo
    This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
    Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi